Non-responsive name servers when started during boot on OS X Mavericks 10.9

Eduardo Bonsi beartcom at pacbell.net
Sat Jan 18 19:03:15 UTC 2014 

It is possible then that when you copied the BIND files back to 10.9, something got broken along the way? I am suspecting that is your BIND package itself! Forget about your actual BIND package, it is outdated!

1. Go to support.menandmice.com

(http://support.menandmice.com/download/bind/macosx/10.9-Mavericks/)

and download the last package of Bind for Mavericks! Thanks to them for keeping up in areas where Apple is dropping the ball. I believe yours is
ISCBIND-9.9.4-x86_64-10.9.zip                      25-Oct-2013 20:15            18492934

In case you do not use Bind with the (RRL) Responsible Rate Limit. 

If you decided for instance to use BIND with RRL you have to download this package,
ISCBIND-9.9.4r-x86_64-10.9.zip                     25-Oct-2013 20:15            18641078
...and add these line at your named.conf file,

rate-limit {
       responses-per-second 5;
       log-only yes;
   };

Some more info about RRL can be found here,
https://www.isc.org/blogs/bind-9-9-4-released/

2. Make sure you have your rndc.key configuration setup accordingly. 
nano /etc/rndc.key

Double check your name.conf file for the 
dnssec-lookaside . trust-anchor dlv.isc.org.;

3. Then,
dscacheutil -flushcache

To re-start!






 
--
Eduardo Bonsi
System/Network Admin
BEARTCOMMUNICATIONS
beartcom at pacbell.net


________________________________
 From: Larry Stone <lstone19 at stonejongleux.com>
To: "bind-users at lists.isc.org" <bind-users at lists.isc.org> 
Sent: Saturday, January 18, 2014 5:52 AM
Subject: Re: Non-responsive name servers when started during boot on OS X Mavericks 10.9
 

That is not the problem. Named does start at boot but it is non-responsive (with further thought, perhaps it is for some reason not listening on port 53). When killed and restarted, it then works fine.

I am not familiar with macshadows.com but those directions are incomplete and and assume the existence of files that may not exist. The first command listed, 
launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist, loads org.isc.named.plist and with the -w, marks it “enabled” and to be loaded and started at boot time. It does not create org.isc.named.plist. 

The second line merely appends that command to /etc/launchd.conf but that is unneeded as anything in /System/Library/LaunchDeamons and /Library/LaunchDeamons that has been marked “enabled” with a previous load -w will start at boot. By default, there is no /etc/launchd.conf (I do not have or need one).

BTW, /System/Library/LaunchDaemons is reserved for Apple provided launch daemons. User provided ones belong in /Library/LaunchDaemons. When Apple was providing BIND in version prior to 10.9, /System/Library/LaunchDaemons was the proper place for org.isc.named.plist but now that it’s user provided, it belongs in /Library/LaunchDaemons/.

-- 
Larry Stone
lstone19 at stonejongleux.com
http://www.stonejongleux.com/


On Jan 17, 2014, at 11:10 PM, Eduardo Bonsi <beartcom at pacbell.net> wrote:

> Hello Larry,
> 
> I had the same "head-ache" when I upgraded to 10.9. It seems that instead going forward we all took a step behind. I guess this type of free stuff does come with something attached to it. Anyways, when you upgraded to 10.9 the boot files were wipe clean from the /System/Library/LaunchDaemons/
> 
> Open the terminal and restore it by entering the comand!
> ---------------------------------------------------------------------------------------
> launchctl load -w /System/Library/LaunchDaemons/org.isc.named.plist
>  echo "launchctl start org.isc.named" >> /etc/launchd.conf
> ---------------------------------------------------------------------------------------
> Then re-start BIND
> ---------------------------------------------------------------------------------------
> launchctl start org.isc.named
>  ---------------------------------------------------------------------------------------
> 
> There are several places talking about this stuff but you can verify here:
> Configure BIND to Launch at Startup
> http://www.macshadows.com/kb/index.php?title=How_To:_Enable_BIND_-_Mac_OS_X's_Built-in_DNS_Server
> 
> I hope that helps!
> 
> --
> Eduardo Bonsi
> System Admin
> BEARTCOMMUNICATIONS
> beartcom at pacbell.net
> 
> From: Larry Stone <lstone19 at stonejongleux.com>
> To: bind-users at lists.isc.org 
> Sent: Friday, January 17, 2014 6:45 PM
> Subject: Non-responsive name servers when started during boot on OS X Mavericks 10.9
> 
> Background: I have been using my Macintosh as a server running the client version of OS X (not OS X Server) for many years. Until 10.9 (Mavericks), Apple provided BIND and it worked just fine. My servers were internal only providing behind-NAT local addresses for the local network as well as caching for external names. All went well.
> 
> With the release of 10.9, BIND was no longer provided (I’m currently on 10.9.1). I initially restored the version of named from 10.8 along with my configuration and zone files and all was well (at least as far as I could tell). I then switched to building from source and all was still well (I thought). The primary server was just upgraded to 9.8.6-P2 while the secondary (not a server except as a redundant name server) is still at 9.8.6-P1 (upgrade planned for this weekend).
> 
> Problem: This morning, by happenstance, both were rebooted a few minutes apart and suddenly, nobody could access anything. Finally figured out that named on both was not responding (queries timed out). Killed named (which was immediately restarted by Apple’s launchd) and all was well. Rebooted the secondary to see if it was repeatable and same thing. Nothing of interest in the log - both the initial startup at boot time and restart log identically (and it does log the RFC 1918 empty zones warning so it gets that far). I’m guessing there’s some resource not available at boot time that’s causing named to hang but that really just a will guess.
> 
> I know I’m not providing much information but there’s nothing else I can find so any help with just figuring out why it fails when started at boot time will be a help.
> 
> -- 
> Larry Stone
> lstone19 at stonejongleux.com
> http://www.stonejongleux.com/
> 
> 
> 
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140118/8952604e/attachment.html>

More information about the bind-users mailing list